What is claimed is: 



1 LA system for communications over the Internet, comprising: 

2 at least one router connectable to a first user terminal; 

3 at least one subscriber virtual frame relay switch (VS) connectable to the 

4 at least one router; and 

5 at least one virtual router (VR) to connect the VS to the Internet for 

6 communications between the first user terminal and a second user terminal over the 

7 Internet. 

0 1 2. The system of claim 1, further comprising: 

3ii 

if 2 at least a second router connectable to the second user terminal; 

!^ 3 at least a second VS connectable to the second router; and 

01 4 at least a second VR to connect the second VS to the Internet for 
f*t 5 communications between the first user terminal and the second user terminal. 

m 

Q 

1 3. The system of claim 1 , wherein the communications over the Internet is via an 

o 

fjj 2 Internet protocol security (IP Sec) tunnel. 

1 4. The system of claim 1 , further comprising a payload transport protocol for 

2 communicating payload information between the first user terminal and the 

3 second user terminal. 

1 5. The system of claim 1 , further comprising a switch-to-switch signaling protocol 

2 to communicate signaling and other information between the at least one VS 

3 and a second VS. 

1 6. The system of claim 1, further comprising a data link connection identifier 

2 (DLCI) to provide routing information to establish a communications link 
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between the first user and the second user and to provide service parameters 
associated with the communications link. 

7. The system of claim 6, wherein the DLCI service parameters comprise at least 
one of a frame size, a committed information rate (CIR), a committed burst rate 
(Be), burst excess size (Be) and committed rate measurement error (Tc). 

8. The system of claim 1 , further comprising a local management interface (LMI) 
associated with the VS to respond to status inquiries and make status inquiries 
regarding other components of the system. 

9. The system of claim 1 , further comprising an operation support system to 
control establishment and operation of a communications link between the first 
user terminal and the second user terminal. 

10. The system of claim 1 > wherein the at least one VS implements signaling 
between other VSs in a virtual private network (VPN) for coordination of 
information transfer between VSs over the Internet and encapsulation of frame 
relay header and payload information for communication between users over the 
Internet, 

11. The system of claim 1 , wherein information is transferred between users in 
frames, each frame containing a sequence number to preserve the order of the 
frames. 

12. A system for communications over the Internet, comprising: 

a plurality of routers, each router connectable to at least one user 

terminal; 
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a plurality of Internet protocol service switches (IPSXs), each IPSX is 
correctable to at least one of the plurality of routers and comprises: 

a subscriber virtual frame relay switch (VS); and 
a virtual router (VR) to connect the VS to the Internet for 
communications between the user terminals associated with each of the routers over the 
Internet. 

13. The system of claim 12, wherein communications over the Internet is via an IP 
Sec tunnel. 

14. The system of claim 12, further comprising a payload transport protocol for 
communicating frame relay information between the VSs. 

15. The system of claim 14, wherein the payload transport protocol organizes the 
payload information into at least one frame, the at least one frame comprising at 
least one of the following parameters: 

a frame sequence number (Seq); 
a discard enable bit (DE) 

a forward explicit congestion notification (FECN); 

a backward explicit congestion notification (BECN); 

a data link connection identifier (DLCI); and 

a frame relay over Internet protocol (FOIP) tunnel identification. 

16. The system of claim 12, wherein the transport protocol is based on user 
datagram protocol (UDP/IP). 

1 7. The system of claim 1 6, wherein the frame relay protocol is encapsulated in a 
frame relay over Internet protocol (FOIP) header that is then encapsulated in 
UDP. 
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1 18. The system of claim 12, further comprising a switch-to-switch signaling 

2 protocol (SSFOIP) to communicate signaling and other information between the 

3 different VSs and to provide periodic synchronization of the different VSs. 

1 1 9. The system of claim 1 8, wherein the SSFOIP is based on UDP/IP and operates 

2 in parallel with the transport protocol. 

1 20. The system of claim 12, further comprising a frame relay local management 

2 interface (LMI) associated with each VS to respond to and send component 

3 status inquiries. 

1 21. The system of claim 12, further comprising an operations support system (OSS), 

2 the OSS establishing a permanent virtual circuit (PVC) between each of the user 

3 terminals in a virtual private network (VPN). 

1 22. The system of claim 21 , wherein the OSS installs the address information in 

2 each VS to communicate with all the other VSs in the VPN. 

1 23. The system of claim 12, wherein each router has at least one data link 

2 connection identifier (DLCI) associated therewith comprising routing 

3 information to establish a communications link between the other routers in a 

4 virtual private network (VPN) and to provide service parameters associated with 

5 the users level of frame relay service. 

1 24. The system of claim 12, further comprising a services management system to 

2 permit IP service providers to deploy, manage and account for IP services. 
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1 25 . The system of claim 1 2, further comprising a customer network management 

2 system to permit subscribers to monitor service status, generate reports and 

3 forecasts for network planning and service modification. 

1 26. A system for communications over the Internet, comprising: 

2 a frame relay virtual private network (VPN); and 

3 at least one IPSX for communication over the Internet. 

1 27. The system of claim 26, further comprising an IPSec tunnel being formed 

2 between at least two IPSXs for secure communications through the Internet 

3 between the at least two IP SXs in response to communications between a 

4 subscriber associated with each of the IPSXs. 

1 28. The system of claim 26, further comprising a router with IPSec associated with 

2 at least one subscriber for communications between the at least one subscriber 

3 and another subscriber at another point in the VPN. 

1 29. The system of claim 26, further comprising a remote access server (RAS) 

2 connectable to the public switched telephone network (PSTN) to provide dial-up 

3 access to the frame relay VPN via the Internet. 

1 30. A method for communicating over the Internet, comprising: 

2 generating a frame relay message; 

3 encapsulating the frame relay message in a frame relay over IP (FOEP) 

4 header; 

5 encapsulating the FOIP header and any payload information in user 

6 datagram protocol (UDP/IP); and 

7 transmitting the UDP/IP encapsulated message over the Internet to a 

8 predetermined destination. 
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3 1 . The method of claim 30, further comprising stripping any overhead information 
in the frame relay message and encapsulating valid frames in the FOBP header. 

32. The method of claim 30, further comprising encapsulating the FOIP header and 
payload information in one of IP or EPSec. 

33. The method of claim 30, further comprising transmitting the encapsulated 
message over the Internet via an BPSec tunnel 



Attorney Docket 1384.004 US1 



